Small Business Cybersecurity Checklist (Illinois Edition)

1. Turn On MFA Everywhere You Can

Email, banking, payroll, cloud apps — if it supports multi-factor authentication, turn it on.

2. Lock Down Your Email Accounts

• Use strong, unique passwords.
• Enable MFA for all business email accounts.
• Review forwarding rules for anything suspicious.

3. Keep Devices Patched and Protected

• Install updates for Windows/macOS regularly.
• Use a reputable antivirus/EDR solution.
• Remove old devices you no longer use from your environment.

4. Back Up Critical Data

• Back up important files to a secure cloud or external system.
• Protect backups with unique credentials and MFA.
• Test a restore at least a couple of times per year.

5. Protect Remote Access

• Avoid exposing Remote Desktop directly to the internet.
• Use VPNs or secure remote tools instead.
• Require MFA for remote connections where possible.

6. Train Your Team (Even if It’s Just 2–3 People)

• Teach them how to spot phishing emails.
• Encourage them to ask when something feels off.
• Make it clear they won’t be punished for reporting suspicious activity.

7. Know Who to Call If Something Happens

When you suspect a security incident, minutes matter. Have a plan:

• Who do you call first (internal and external)?
• How do you disconnect affected devices?
• Where are your backups and how do you access them?

How IT LEGENDS Can Help

IT LEGENDS LLC works with solo pros and small/medium businesses in Waukegan, Gurnee, Chicago, Springfield, and across Illinois to put security basics in place without overwhelming your team or budget.

Many of the items on this checklist are included in our managed service bundles, which combine device management, Microsoft 365 security, and practical backup guidance.

View Service Bundles Book a Security-Focused Consultation